The host is installed with Apple Safari before 9 and is prone to a security bypass vulnerability. A flaw is present in the application, which requires user confirmation before replacing an installed extension. Successful exploitation could allow attackers to produce unspecified impact.